Closed cvgw closed 3 years ago
I think this is reasonable. TBH I am not sure if the Apache HTTP client sets the host header. I'll check.
Hello,
Just wanted to mention I was in the exact same situation, with the below setup :
[INTERNET] ----> pfSense [HAProxy] ----> nginx / rTorrent
HAProxy is in charge of SSL offloading.
Thanks to cvgw's initial post, I managed to solve my issue. Initially, in my HAProxy setup, I had ACLs setting backends based on host name. As I wanted a "one-to-one" approach, I didn't have any default backend set.
Enabling a default backend, and setting it to the one running nginx/rtorrent solved the issue.
So cvgw must be right, the HTTP Host header is likely not being set by Transdroid, preventing HAProxy to forward the request to the appropriate backend.
What would be a good value for the host header? transdroid.org
?
What would be a good value for the host header?
transdroid.org
?
IMO it would ideally based on the value set for the torrent server.
IE
if I use foo.bar.baz:8888 as the config for my server in transdroid the host header should be set to foo.bar.baz (like if you were using curl)
If the user supplies an IP address (eg 192.168.1.66) then no host header should be set.
I could see adding an option host header via the UI that overrides both of these behaviors.
In the event that isn't possible, doing a well known string like you suggested, transdroid.org
seems like a reasonable compromise.
I tried to implement this but when I send a Host header, my connection (to a bare bones rTorrent setup, so no reverse proxt) stopped working. So I am not sure this is compatible with existing non-proxied setups... Am I doing something wrong?
I don't really feel like making this yet another option.
I tried to implement this but when I send a Host header, my connection (to a bare bones rTorrent setup, so no reverse proxt) stopped working. So I am not sure this is compatible with existing non-proxied setups... Am I doing something wrong?
I don't really feel like making this yet another option.
I took a quick look at the specs for both SCGI and XMLRPC as well as the implementation of the XMLRPCClient this repo is using.
It looks like the XMLRPCClient might automatically set the host header and that it doesn't allow for modification of the header.
SCGI seems to expect the headers are in a specific order and packed in a specific way with no duplicates.
My guess, is that the request with the XMLRPCClient needs to be made using the fqdn rather than the resolved IP address so that the host header is set.
Is this what you tried and it borked your rtorrent connection with no proxy?
Edit: also apologies if I've misunderstood anything or made incorrect assumptions. Please feel free to correct me.
Hmm whilst the XMLRPCClient has some constants declared on the host header, it didn't't supply it by default. I have made this change and it seems to work well. I will release a new beta - could you give it a test?
Downloaded and installed v2.5.20 beta 3, Transdroid help shows v2.5.20 in "recent changes".
I have disabled the default backend on my HAProxy and Transdroid keeps working fine now. Seems to be fixed to me.
Let's see if @cvgw also confirms ?
Thanks @erickok
I had exactly the same issue after switching from Nginx to Relayd.
In my case it turned out to be because Transdroid uses domain.name:443
for the Host header value, rather than just domain.name
. Apparently Nginx strips the :443
part automatically when doing matching based on the Host header, which explains why it worked before.
I fixed it by adding domain.name:443
as a domain alias for the rTorrent vhost in my HTTPS reverse proxy.
Maybe v2.5.20 simply strips the :<port>
suffix from the Host header when using the default HTTPS port.
I'm not very familiar with scgi mounts and the RPC layer for rtorrent so I apologize in advance for any confusion/inaccuracies.
I'm running into an issue where Transdrone is unable to connect to rtorrent when running behind nginx and haproxy.
Nginx is serving the scgi mount at /RPC2
Haproxy is doing reverse proxying based on the HTTP Host header (EG rtorrent.foo.bar)
When I point the Transdone app at Haproxy I can see in the Haproxy logs that the requests to /RPC2 are sent to the default backend, leading me to wonder if the Host header is unset
When I point Transdrone directly at Nginx it works as expected
Other front-ends (rutorrent, flood, etc) work as expected when connecting via Haproxy
Is it reasonable to expect that Transdone would set the HTTP Host header on requests to the scgi mount endpoint?
Is the Host header not generally set when communicating with an scgi mount endpoint?
Cheers